use of org.apache.jackrabbit.core.config.LoginModuleConfig in project jackrabbit by apache.
the class SimpleSecurityManager method init.
//------------------------------------------< JackrabbitSecurityManager >---
/**
* @see JackrabbitSecurityManager#init(Repository, Session)
*/
public void init(Repository repository, Session systemSession) throws RepositoryException {
if (initialized) {
throw new IllegalStateException("already initialized");
}
if (!(repository instanceof RepositoryImpl)) {
throw new RepositoryException("RepositoryImpl expected");
}
this.systemSession = systemSession;
config = ((RepositoryImpl) repository).getConfig().getSecurityConfig();
// read the LoginModule configuration
LoginModuleConfig loginModConf = config.getLoginModuleConfig();
authCtxProvider = new AuthContextProvider(config.getAppName(), loginModConf);
if (authCtxProvider.isLocal()) {
log.info("init: using Repository LoginModule configuration for " + config.getAppName());
} else if (authCtxProvider.isJAAS()) {
log.info("init: using JAAS LoginModule configuration for " + config.getAppName());
} else {
String msg = "No valid LoginModule configuriation for " + config.getAppName();
log.error(msg);
throw new RepositoryException(msg);
}
Properties[] moduleConfig = authCtxProvider.getModuleConfig();
// retrieve default-ids (admin and anonymous) from login-module-configuration.
for (Properties aModuleConfig1 : moduleConfig) {
if (aModuleConfig1.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
adminID = aModuleConfig1.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
}
if (aModuleConfig1.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
anonymID = aModuleConfig1.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
}
}
// fallback:
if (adminID == null) {
log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
adminID = SecurityConstants.ADMIN_ID;
}
if (anonymID == null) {
log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
anonymID = SecurityConstants.ANONYMOUS_ID;
}
// most simple principal provider registry, that does not read anything
// from configuration
PrincipalProvider principalProvider = new SimplePrincipalProvider();
// skip init of provider (nop)
principalProviderRegistry = new ProviderRegistryImpl(principalProvider);
// register all configured principal providers.
for (Properties aModuleConfig : moduleConfig) {
principalProviderRegistry.registerProvider(aModuleConfig);
}
SecurityManagerConfig smc = config.getSecurityManagerConfig();
if (smc != null && smc.getWorkspaceAccessConfig() != null) {
workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
} else {
// fallback -> the default simple implementation
log.debug("No WorkspaceAccessManager configured; using default.");
workspaceAccessManager = new SimpleWorkspaceAccessManager();
}
workspaceAccessManager.init(systemSession);
initialized = true;
}
use of org.apache.jackrabbit.core.config.LoginModuleConfig in project sling by apache.
the class DelegatingLoginModule method initialize.
public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) {
Configuration config = null;
try {
config = Configuration.getInstance(JAAS_CONFIG_ALGO_NAME, null, providerName);
} catch (NoSuchProviderException e) {
logger.debug("No provider " + providerName + "found so far", e);
} catch (NoSuchAlgorithmException e) {
logger.debug("No provider " + providerName + "found so far for fetching JAAS " + "config with algorithm name " + JAAS_CONFIG_ALGO_NAME, e);
}
if (config != null) {
final Thread current = Thread.currentThread();
final ClassLoader orig = current.getContextClassLoader();
try {
current.setContextClassLoader(DelegatingLoginModule.class.getClassLoader());
loginContext = new LoginContext(appName, subject, callbackHandler, config);
} catch (LoginException e) {
loginException = e;
} finally {
current.setContextClassLoader(orig);
}
} else {
//No support so far from OSGi so would use default logic used by Jackrabbit
//to construct the LoginModule
Properties p = new Properties();
p.putAll(options);
BeanConfig bc = new BeanConfig(delegateLoginModuleClass, p);
LoginModuleConfig lmc = new LoginModuleConfig(bc);
try {
delegate = lmc.getLoginModule();
delegate.initialize(subject, callbackHandler, sharedState, options);
logger.info("No JAAS Configuration provider found would be directly invoking LoginModule {}", delegateLoginModuleClass);
} catch (ConfigurationException e) {
//Behaviour is same as org.apache.jackrabbit.core.security.authentication.LocalAuthContext.login()
loginException = new LoginException(e.getMessage());
}
}
}
use of org.apache.jackrabbit.core.config.LoginModuleConfig in project jackrabbit by apache.
the class DefaultSecurityManager method init.
//------------------------------------------< JackrabbitSecurityManager >---
/**
* @see JackrabbitSecurityManager#init(Repository, Session)
*/
public synchronized void init(Repository repository, Session systemSession) throws RepositoryException {
if (initialized) {
throw new IllegalStateException("already initialized");
}
if (!(repository instanceof RepositoryImpl)) {
throw new RepositoryException("RepositoryImpl expected");
}
if (!(systemSession instanceof SystemSession)) {
throw new RepositoryException("SystemSession expected");
}
this.systemSession = (SystemSession) systemSession;
this.repository = (RepositoryImpl) repository;
SecurityConfig config = this.repository.getConfig().getSecurityConfig();
LoginModuleConfig loginModConf = config.getLoginModuleConfig();
// build AuthContextProvider based on appName + optional LoginModuleConfig
authContextProvider = new AuthContextProvider(config.getAppName(), loginModConf);
if (authContextProvider.isLocal()) {
log.info("init: use Repository Login-Configuration for " + config.getAppName());
} else if (authContextProvider.isJAAS()) {
log.info("init: use JAAS login-configuration for " + config.getAppName());
} else {
String msg = "Neither JAAS nor RepositoryConfig contained a valid configuration for " + config.getAppName();
log.error(msg);
throw new RepositoryException(msg);
}
Properties[] moduleConfig = authContextProvider.getModuleConfig();
// retrieve default-ids (admin and anonymous) from login-module-configuration.
for (Properties props : moduleConfig) {
if (props.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
adminId = props.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
}
if (props.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
anonymousId = props.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
}
}
// fallback:
if (adminId == null) {
log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
adminId = SecurityConstants.ADMIN_ID;
}
if (anonymousId == null) {
log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
anonymousId = SecurityConstants.ANONYMOUS_ID;
}
// create the system userManager and make sure the system-users exist.
systemUserManager = createUserManager(this.systemSession);
createSystemUsers(systemUserManager, this.systemSession, adminId, anonymousId);
// init default ac-provider-factory
acProviderFactory = new AccessControlProviderFactoryImpl();
acProviderFactory.init(this.systemSession);
// create the workspace access manager
SecurityManagerConfig smc = config.getSecurityManagerConfig();
if (smc != null && smc.getWorkspaceAccessConfig() != null) {
workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
} else {
// fallback -> the default implementation
log.debug("No WorkspaceAccessManager configured; using default.");
workspaceAccessManager = createDefaultWorkspaceAccessManager();
}
workspaceAccessManager.init(this.systemSession);
// initialize principal-provider registry
// 1) create default
PrincipalProvider defaultPP = createDefaultPrincipalProvider(moduleConfig);
// 2) create registry instance
principalProviderRegistry = new ProviderRegistryImpl(defaultPP);
// 3) register all configured principal providers.
for (Properties props : moduleConfig) {
principalProviderRegistry.registerProvider(props);
}
initialized = true;
}
Aggregations